In a new post to his site Freek Van der Herten covers how some of the changes that happened in Laravel's v5.5 release would impact the packages Spatie shares, some of the more popular PHP packages with a wide range of functionality.

At Spatie we’ve released a auto-discovery facades functionality, LTS releases and how some new functionality replaces (retires) packages Spatie had already released.

Laravel 5.5 is probably the best release yet. But, in all honesty, I think that of every Laravel release. My recommendation is to get your apps upgraded to this version as soon as possible. The reward is that you can make use of all L5.5’s new features and the latest major versions of our packages.

When building an application, we often need to set up an access control list (ACL). An ACL specifies the level of permission granted to a user of an application. For example a user John may have the permission to read and write to a resource while another user Smith may have the permission only to read the resource.

In this tutorial, I will teach you how to add access control to a Laravel app using Laravel-permission package. For this tutorial we will build a simple blog application where users can be assigned different levels of permission.

The tutorial then walks though the installation of the package and some of the new tables it adds to the database when you run the included migrations. It then talks about some of the methods that can be used, both on the backend and in Blade templates, to evaluate if the current user has the roles required. Next up is the creation of the controllers to handle the basic CRUD tasks and working with the blog posts and views to set up the permissions and roles. Finally the tutorial shows the code required to evaluate the roles and permissions of the user and an example of middleware that performs a pre-check to see if a user even has access to manage various pieces of the application.

On the QCode.in site Saqueib Ansari has written up a tutorial showing how to use a package in Laravel applications to manage roles and permissions easily. This package, spatie/laravel-permission, compliments the current Laravel roles/permissions handling with a few handy features that make management and evaluation simpler.

Although laravel comes with Policies to handle the authorization but I wanted to have an option to just create permissions in the database which we can manage by a UI in the admin panel, pretty standard. we can implement our own role and permission from scratch but I am going to use [spatie/laravel-permission](https://github.com/spatie/laravel-permission) package for this. This package was inspired by Jeffrey ways screencast and it’s very well maintained and very easy to use. It has everything we need and plays very well with Laravel Gate and Policies implementations.

He walks through the creation of a new Laravel application, running the auth:make to generate the authentication functionality and adding the spatie/laravel-permission package to the service provider. He creates several models for permissions and roles and updates the User model with a new trait. Once the migrations are run, he creates a default permission set. Then it's on to the code for the endpoints to work with roles (including syncing them with permissions). He then moves over to the views, showing how to use the can helper to determine if a user has access, creating an Authorizable trait and an AuthorizationException handler. Finally the tutorial wraps up with the roles and permissions management functionality complete with code and screenshots of the result.